STIGQter STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:

Symantec ProxySG providing intermediary services for remote access communications traffic must ensure outbound traffic is monitored for compliance with remote access security policies.

DISA Rule

SV-104173r1_rule

Vulnerability Number

V-94219

Group Title

SRG-NET-000061-ALG-000009

Rule Version

SYMP-AG-000020

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the ProxySG to inspect internally initiated traffic.

1. Log on to the Web Management Console.
2. Click Configuration >> Visual Policy Manager.
3. Click "Launch". While in the Visual Policy Manager, click Policy >> Add SSL Access Layer (transparent proxy architectures) or Add Web Access Layer (explicit proxy architectures).
4. Click File >> Install Policy on SG Appliance.

Check Contents

Verify the ProxySG is configured to inspect internally initiated traffic.

1. Log on to the Web Management Console.
2. Click Configuration >> Visual Policy Manager.
3. Click "Launch". While in the Visual Policy Manager, verify that at least one SSL Access Layer (transparent proxy architectures) or Web Access Layer (explicit proxy architectures) is configured.

If the ProxySG is not configured to inspect internally initiated traffic, this is a finding.

Vulnerability Number

V-94219

Documentable

False

Rule Version

SYMP-AG-000020

Severity Override Guidance

Verify the ProxySG is configured to inspect internally initiated traffic.

1. Log on to the Web Management Console.
2. Click Configuration >> Visual Policy Manager.
3. Click "Launch". While in the Visual Policy Manager, verify that at least one SSL Access Layer (transparent proxy architectures) or Web Access Layer (explicit proxy architectures) is configured.

If the ProxySG is not configured to inspect internally initiated traffic, this is a finding.

Check Content Reference

M

Target Key

3515

Comments